I'm new to mod_python and to apache config.
I would like to setup a master security "trap" that intercepts all .py urls
and then check for a cookie, and if it exists, I send it to the legacy
server which should respond with the user name. Most of our web stuff is on
that legacy server and it has it's own security model that is outside my
responsibility. If the cookie doesn't exist, I redirect to our standard
login page.
It doesn't look like I can use the Apache Basic authentication, since that
gives me the Apache login popup. I tried input filter, but can't get it to
work. Can anyone show what I'm doing wrong? my setup is...
-----------httpd.conf---------------------------------
<Directory "/var/www/html/modpytest">
AddHandler mod_python .py
PythonHandler form
# PythonHandler mod_python.publisher
PythonInputFilter security SECURITY
AddInputFilter SECURITY .py
PythonDebug On
</Directory>
-------------form.py------------------------------
from mod_python import apache
from mod_python import Cookie
from mod_python import Session
import urllib2
def handler(req):
apache.log_error('in handler')
req.content_type = "text/plain"
text = "basic handler works"
text += '\ndir(req) = ' + str( dir(req))
text += '\nget_config returns %s' % req.get_config()
text += '\nget_remote_host() returns %s' % req.get_remote_host()
text += '\nreq.the_request %s' % req.the_request
text += '\nreq.unparsed_uri %s' % req.unparsed_uri
text += '\nreeq.uri %s' % req.uri
text += '\nreq.args = ' + str(req.args) +'
'+str(type(req.args))
req.write(text)
return apache.OK
------------------security.py-----------------------
from mod_python import apache
def inputfilter(filter):
apache.log_error("inputfilter called")
s = filter.read()
while s:
filter.write(s.upper())
s = filter.read()
if s is None:
filter.close()
---------------------------------------------------------------------------
The information contained in this message may be privileged and / or
confidential and protected from disclosure. If the reader of this message is
not the intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If you
have received this communication in error, please notify the sender
immediately by replying to this message and deleting the material from any
computer.
---------------------------------------------------------------------------